CVE-2008-7020

Sažetak

McAfee SafeBoot Device Encryption 4 build 4750 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.

Reference

http://seclists.org/fulldisclosure/2008/Sep/0378.html
http://secunia.com/advisories/31903
http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf
http://www.ivizsecurity.com/security-advisory-iviz-sr-08010.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/45275

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

17-08-2017 - 01:29

Objavljeno

21-08-2009 - 14:30